University of Palestine Web Programming Final Exam

University of Palestine, Web Programming Final Exam, 11 February 2009.
University of Palestine
Faculty of Applied Engineering and Urban Planning
Software Engineering Department
Date:.WED,11.02.09 | 9:00-11:30
Web Programming Final Exam

Course:
Exam:
Student:
Name and ID: ESGD4119 | Web Programming |

Instructor Name: Mohammad Amin Kuhail
Type: Final Exam.
C/O: Closed Exam.
Location:.
Number of Questions: 3.
Grade: 100 marks.
Dictionary Allowed: No.
Date :WED,11.02.09.
Duration: 2.5 Hrs.
Student Name:
Student ID:
1. Answer the following questions:
[20 Marks: 10/Q ]
1. HTTP is a stateless protocol. That is, it doesnt allow servers to keep clients state. However,
sessions and cookies were developed to tackle this issue. Explain.
2. Compare GET and POST in terms of method of sending information, usage, and limitations.
Give a simple example in both cases.
2. Choose the correct answer:
1. Inside which HTML element do we put the JavaScript?

a)
b)
c)
d)
<script>
<js>
<javascript>
<scripting>
2. Where is the correct place to insert a JavaScript?

a)
b)
c)
d)
The <body> section

Both the <head> section and the <body> section are correct
The <head> section
None of the above.
3. What is the correct way to write a JavaScript array?

a)
b)
c)
d)
var
var
var
var
txt
txt
txt
txt
=
=
=
=
new
new
new
new
Array("tim","kim","jim")
Array:1=("tim")2=("kim")3=("jim")
Array(1:"tim",2:"kim",3:"jim")
Array="tim","kim","jim"
4. All variables in PHP start with which symbol?

a)
b)
c)
d)
&
!
$
#
Page
1 of 4
[ 30 Marks ]
5. What is the correct way to include the file "time.inc" ?

a)
b)
c)
d)

<% include file="time.inc" %>
<?php include_file("time.inc"); ?>
<?php require("time.inc"); ?>
6. What is the correct way to create a function in PHP?

a)
b)
c)
d)
function myFunction()
new_function myFunction()
create myFunction()
None of the above.
7. To call an object obj function foo within the object itself:

a)
b)
c)
d)
$obj.foo()
$obj->foo()
a+b
$this->foo()
8. The final visibility means that the method or the class is accessed:
a)
b)
c)
d)
From
From
From
From
any scope but cant be overridden.

within the class where it is defined.
within the class where it is defined and its descendants.
any scope.
9. Escaping output means:

a)
b)
c)
d)
Ensures the validity of data coming into the web application.

Uses whitelist approach.
Uses blacklist approach.
Protect the system and its users from potentially harmful attacks.
10. To tackle the spoofed forms attack:

a)
b)
c)
d)
Use client side validation.

Use SSL secure connection.
Use server side validation.
Escape your output.
Page
2 of 4
3. Employees Affairs System
[50 Marks ]
Figure 1 shows a part of the database of the Employee Affairs System of the University
of Palestine. It simply contains two related tables; employees and departments where
one employee can work in one department, and one department can contain many
employees. Figure 2 shows two web pages we consider. The first one titled as
add.employee.php. The second is process.php. Figure 3 shows an HTML source of the
page add.employee.php.
ID
name
Employee
name
ID
Works in
Department
gender
Figure 1: System ER diagram
php
add.employee.php
php
process.php
Figure 2: System pages

1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
<html>
<body>
<form method="POST" action="process.php">
Name:<input type="text" name="name" size="20">
<br/>
ID:<input type="text" name="ID" size="20">
<br/>
Department:<select size="1" name="department"></select>
<br/>
Gender: <select size="1" name="gender">
<option selected value="Male">Male</option>
<option>Female</option>
</select>
<br/>
<input type="submit" value="submit" name="Submit"><input
type="reset" value="reset" name="reset">
16. </form>
17. </body>
18. </html>
Figure 3: HTML Code of add.employee.php
Page
3 of 4
Assumptions:
-
Your mysql database is installed and ready to use.

The main DB server name is SE.
Username and password are admin,yes accordingly.
The DB name you need to select is named as WEB.
Notes:
-
Your solution MUST handle errors using try and catch exception mechanism.
It is recommended you provide an object oriented solution.
Requirements:
1)
-
Write a Javascript code to verify the add.student form based on the

following elements:
All values must not be empty.
Gender values must be either male or female.
ID must be numeric number.
2)
[10 Marks ]
[10 Marks ]
Write a php code that does the verification elements mentioned in 1 in

addition to the following:
Name value must be alphabetic.
ID must be obtained from the department table.
3)
[30 Marks ]
Write a php code that adds values inserted in the form of add.employee
to the system database. This php code shall be encapsulated within process.php.
A success message shall be shown when added successfully. Otherwise, a failure
message should be shown accompanying the error type.
Page
4 of 4

University of Palestine Web Programming Final Exam

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

University of Palestine Web Programming Final Exam

Uploaded by

Copyright:

Available Formats

University of Palestine, Web Programming Final Exam, 11 February 2009.

Web Programming Final Exam

Name and ID: ESGD4119 | Web Programming |

1. Answer the following questions:

[20 Marks: 10/Q ]

2. Choose the correct answer:

1. Inside which HTML element do we put the JavaScript?

2. Where is the correct place to insert a JavaScript?

The <body> section

3. What is the correct way to write a JavaScript array?

4. All variables in PHP start with which symbol?